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AMENDMENT TO THE CLAIMS 

The following claim listing replaces all prior listings and versions of the claims: 

LISTING OF CLAIMS 
1 . (Currently Amended) A method for securely distributing a component from a network 
host to a network appliance, the method comprising [[the]] steps of: 

executing a secure kernel on said network appliance, said secure kernel including boot 
code for allowing said network appliance to initially boot up and establish communication with 
said network host: 

signing, by said network host, determining, by said secure kernel, whether a configuration 
file exists on said network appliance, said configuration file being signed by said network host 
and including a load table which defines a plurality of authorized components for said network 
appliance; 

e x e cuting a s e cur e kernel and said sign e d configuration fil e on said n e twork appliance, 
said s e cur e k e rnel including computer code for checking th e auth e nticity of said configuration 
fil e and boot cod e for allowing said n e twork appliance to initially boot up and e stablish 
communication with said network host; 

upon determining that said configuration file exists on said network appliance, verifying, 
by said secure kernel, the authenticity of said configuration file; 

only upon verifying that said configuration file is authenticated, reading, by said secure 
kernel, said load table only after said verifying step ; and 

loading said plurality of authorized components defined in said load table onto said 
network appliance? 

wherein said n e twork applianc e is d e t e rmin e d to be authorized receive said authoriz e 
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components . 

2. (Original) The method of claim 1, wherein said loading step comprises loading an 
operating system. 

3. (Original) The method of claim 1, wherein said loading step comprises loading a 
computer software application. 

4. (Original) The method of claim 1, wherein said loading step comprises loading 
services. 

5. (Currently Amended) The method of claim 1, further comprising the st e ps of: wherein: 
in the step of verifying, when said secure kernel judged that said configuration file is not 

authenticated, the method further comprises steps of: 

requesting, by said secure kernel, an updated configuration file; 
generating, by said host, [[an]] said updated configuration file; 
signing, by said host, said updated configuration file; and 

transmitting said signed updated configuration file from said host to said network 
appliance , and [[;]] 

said secure kernel verifies v e rifying, by said secur e kern e l, the authenticity of said 
updated configuration file [[;]] and ther e aft e r r e ading, by said secure k e rn e l, read said updated 
configuration file. 
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6. (New) The method of claim 1, wherein: 

in the step of determining, when said secure kernel determined that a configuration file 
does not exist on said network appliance, the method further comprises steps of: 
requesting, by said secure kernel, a new configuration file; 
generating, by said host, said new configuration file; 
signing, by said host, said new configuration file; and 

transmitting said signed new configuration file from said host to said network 

appliance, and 

said secure kernel verifies the authenticity of said new configuration file and read said 
new configuration file. 

7. (New) The method of claim 1, wherein said plurality of authorized components include 
a hardware component. 

8. (New) The method of claim 1, wherein said load table describes souses of the plurality 
of authorized components. 

9. (New) The method of claim 1, wherein in the step of loading, when said secure kernel 
fails to properly load all of the plurality of authorized components defined in said load table onto 
said network appliance, said secure kernel sends a request through said network for any 
authorized component which is not properly loaded. 
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10. (New) The method of claim 9, wherein: 

said configuration file includes information regarding sources of said authorized 
components specified in said load table, and 

said secure kernel sends said request to a souse included in said information. 

11. (New) The method of claim 1, wherein: 
said network appliance is a set top box, and 

said authorized components relates to a television program. 

12. (New) The method of claim 1, wherein said secure kernel is stored in a non- volatile 
memory which is protected from an access of a user of said network appliance. 



WDC99 1909731-1.034764.0297 



